For all the progress the blockchain industry has made on security, hackers continue to drain billions from investors, proving that the fight against exploits is far from over.
In the first half of 2025 alone, more than $2.47 billion vanished through hacks, scams, and phishing attacks, according to data from security firm CertiK. The staggering figure already surpasses the entire amount lost in 2024, underscoring just how persistent and adaptive cybercriminals have become.
Bybit Breach Sets Grim Record
The most devastating event so far was the February hack on Bybit, which cost the exchange $1.4 billion in digital assets. It now ranks as the largest single exploit in crypto history and accounts for the lion’s share of this year’s losses.
While the second quarter saw a decline in both the number of incidents and the value stolen—about $800 million across 144 cases—the industry remains on track for another record-breaking year of theft.
Humans as the Weakest Link
CertiK co-founder and Columbia University professor Ronghui Gu calls the fight against hackers an “endless war.” Even as smart contracts and blockchains become harder to crack, attackers are shifting their focus toward people.
“Once the code is more secure, the next target is the human being holding the keys,” Gu said during a recent industry discussion. Roughly half of last year’s breaches stemmed from operational mistakes such as misplaced or compromised private keys.
Phishing scams highlight this vulnerability. In August, one investor lost $3 million in USDT after signing a malicious transaction, while another fell victim to a wallet-draining approval left unnoticed for more than a year, losing nearly $900,000.
An Unfair Battle
Unlike developers, who must secure millions of lines of code, hackers only need to uncover one weak spot. That asymmetry keeps the advantage on the attacker’s side, no matter how many upgrades security teams roll out.
With billions already stolen this year and phishing scams spreading quickly, experts warn that the next wave of crypto hacks may look less like brute-force attacks on code and more like psychological traps designed to exploit human error.
Source: https://coindoo.com/hackers-exploit-cryptos-weakest-link-and-its-not-the-code/